* [FIX] Fixed LDAP filtering by escaping special chars. Thanks to @pirrimanson2000 for the feedback. Fixes #667

This commit is contained in:
nuxsmin
2017-07-31 08:43:42 +02:00
parent fed20b2818
commit a7fb09d6b3
4 changed files with 32 additions and 27 deletions


@@ -204,7 +204,7 @@ abstract class LdapBase implements LdapInterface, AuthInterface
/**
* Realizar la autentificación con el servidor de LDAP.
*
* @param string $bindDn con el DN del usuario
* @param string $bindDn con el DN del usuario
* @param string $bindPass con la clave del usuario
* @throws SPException
* @return bool
@@ -257,8 +257,8 @@ abstract class LdapBase implements LdapInterface, AuthInterface
/**
* Devolver los resultados de una paginación
*
* @param string $filter Filtro a utilizar
* @param array $attributes Atributos a devolver
* @param string $filter Filtro a utilizar
* @param array $attributes Atributos a devolver
* @return bool|array
*/
protected function getResults($filter, array $attributes = null)
@@ -329,6 +329,16 @@ abstract class LdapBase implements LdapInterface, AuthInterface
$this->serverPort = $this->getServerPort();
}
/**
* Devolver el puerto del servidor si está establecido
*
* @return int
*/
protected function getServerPort()
{
return preg_match('/[\d\.]+:(\d+)/', $this->server, $port) ? $port[1] : 389;
}
/**
* @return string
*/
@@ -462,16 +472,6 @@ abstract class LdapBase implements LdapInterface, AuthInterface
return true;
}
/**
* Devolver el puerto del servidor si está establecido
*
* @return int
*/
protected function getServerPort()
{
return preg_match('/[\d\.]+:(\d+)/', $this->server, $port) ? $port[1] : 389;
}
/**
* Obtener el servidor de LDAP a utilizar
*
@@ -589,7 +589,7 @@ abstract class LdapBase implements LdapInterface, AuthInterface
protected function searchGroupDN()
{
$group = $this->getGroupName() ?: $this->group;
$filter = '(cn=' . $group . ')';
$filter = '(cn=' . ldap_escape($group) . ')';
$searchResults = $this->getResults($filter, ['dn', 'cn']);
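Review bot: `ldap_escape($group)` on the new `$filter` line is called without a context flag, so PHP hex-escapes every byte of the value; that still yields a valid RFC 4515 assertion value and neutralises `*`, `(`, `)`, `\` and NUL, but the intent stays implicit and the resulting filters are unreadable in server logs. Passing the flag states the context explicitly: `$filter = '(cn=' . ldap_escape($group, '', LDAP_ESCAPE_FILTER) . ')';`. The same applies to every other `ldap_escape()` call this commit adds in LdapMsAds (getGroupDnFilter, getUserDnFilter, the memberof filter) and in LdapStd (getGroupDnFilter, getUserDnFilter, the member/uniqueMember filter). searchGroupDN continues outside the hunk.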


@@ -42,16 +42,17 @@ class LdapMsAds extends LdapBase
* Devolver el filtro para comprobar la pertenecia al grupo
*
* @return mixed
* @throws \SP\Core\Exceptions\SPException
*/
protected function getGroupDnFilter()
{
if (empty($this->group)) {
return '(|(objectClass=inetOrgPerson)(objectClass=person)(objectClass=simpleSecurityObject))';
} else {
$groupDN = $this->searchGroupDN();
return '(&(|(memberOf=' . $groupDN . ')(groupMembership=' . $groupDN . ')(memberof:1.2.840.113556.1.4.1941:=' . $groupDN . '))(|(objectClass=inetOrgPerson)(objectClass=person)(objectClass=simpleSecurityObject)))';
}
$groupDN = ldap_escape($this->searchGroupDN());
return '(&(|(memberOf=' . $groupDN . ')(groupMembership=' . $groupDN . ')(memberof:1.2.840.113556.1.4.1941:=' . $groupDN . '))(|(objectClass=inetOrgPerson)(objectClass=person)(objectClass=simpleSecurityObject)))';
}
/**
@@ -99,7 +100,9 @@ class LdapMsAds extends LdapBase
*/
protected function getUserDnFilter()
{
return '(&(|(samaccountname=' . $this->userLogin . ')(cn=' . $this->userLogin . ')(uid=' . $this->userLogin . '))(|(objectClass=inetOrgPerson)(objectClass=person)(objectClass=simpleSecurityObject))(objectCategory=person))';
$userLogin = ldap_escape($this->userLogin);
return '(&(|(samaccountname=' . $userLogin . ')(cn=' . $userLogin . ')(uid=' . $userLogin . '))(|(objectClass=inetOrgPerson)(objectClass=person)(objectClass=simpleSecurityObject))(objectCategory=person))';
}
/**
@@ -125,7 +128,7 @@ class LdapMsAds extends LdapBase
}
$groupDN = $this->LdapAuthData->getGroupDn();
$filter = '(memberof:1.2.840.113556.1.4.1941:=' . $groupDN . ')';
$filter = '(memberof:1.2.840.113556.1.4.1941:=' . ldap_escape($groupDN) . ')';
$searchResults = $this->getResults($filter, ['sAMAccountName']);
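Review bot: The new `$groupDN = ldap_escape($this->searchGroupDN());` in getGroupDnFilter assumes searchGroupDN always returns a string; the LdapBase hunk shows it is built on getResults, whose docblock declares `bool|array`, so a lookup miss may well hand `false` or `null` to ldap_escape, which would be coerced to an empty value and yield `(memberOf=)` instead of a clear failure. If searchGroupDN can fail, check the result before escaping, e.g. `$groupDN = $this->searchGroupDN(); if (!is_string($groupDN) || $groupDN === '') { throw new SPException(/* message */); }`, using whatever exception the class already documents. The `@return mixed` above the method could then be tightened to `string`. The method body of getGroupDnFilter starts before the hunk.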


@@ -47,11 +47,11 @@ class LdapStd extends LdapBase
{
if (empty($this->group)) {
return '(|(objectClass=inetOrgPerson)(objectClass=person)(objectClass=simpleSecurityObject))';
} else {
$groupDN = $this->searchGroupDN();
return '(&(|(memberOf=' . $groupDN . ')(groupMembership=' . $groupDN . '))(|(objectClass=inetOrgPerson)(objectClass=person)(objectClass=simpleSecurityObject)))';
}
$groupDN = ldap_escape($this->searchGroupDN());
return '(&(|(memberOf=' . $groupDN . ')(groupMembership=' . $groupDN . '))(|(objectClass=inetOrgPerson)(objectClass=person)(objectClass=simpleSecurityObject)))';
}
/**
@@ -71,7 +71,9 @@ class LdapStd extends LdapBase
*/
protected function getUserDnFilter()
{
return '(&(|(samaccountname=' . $this->userLogin . ')(cn=' . $this->userLogin . ')(uid=' . $this->userLogin . '))(|(objectClass=inetOrgPerson)(objectClass=person)(objectClass=simpleSecurityObject)))';
$userLogin = ldap_escape($this->userLogin);
return '(&(|(samaccountname=' . $userLogin . ')(cn=' . $userLogin . ')(uid=' . $userLogin . '))(|(objectClass=inetOrgPerson)(objectClass=person)(objectClass=simpleSecurityObject)))';
}
/**
@@ -99,7 +101,7 @@ class LdapStd extends LdapBase
$userDN = $this->LdapAuthData->getDn();
$groupName = $this->getGroupName() ?: $this->group;
$filter = '(&(cn=' . $groupName . ')(|(member=' . $userDN . ')(uniqueMember=' . $userDN . '))(|(objectClass=groupOfNames)(objectClass=groupOfUniqueNames)(objectClass=group)))';
$filter = '(&(cn=' . ldap_escape($groupName) . ')(|(member=' . ldap_escape($userDN) . ')(uniqueMember=' . ldap_escape($userDN) . '))(|(objectClass=groupOfNames)(objectClass=groupOfUniqueNames)(objectClass=group)))';
$searchResults = $this->getResults($filter, ['member', 'uniqueMember']);
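Review bot: LdapStd::getGroupDnFilter and getUserDnFilter now repeat the same `ldap_escape()` wrapping that LdapMsAds applies to the same inputs, so the escaping lives at every call site rather than once, and a filter added later to either subclass can silently miss it. A small helper on LdapBase, e.g. `protected function getEscapedGroupDn() { return ldap_escape($this->searchGroupDN()); }` plus a matching one for the user login, would centralise the escape so the subclasses only assemble filter syntax. The member/uniqueMember filter on the last hunk's new line is escaped correctly as written; the enclosing method continues outside the hunk.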


@@ -386,7 +386,7 @@ class Util
*/
public static function getVersion($retBuild = false, $normalized = false)
{
$build = 17072504;
$build = 17073101;
$version = [2, 1, 12];
if ($normalized === true) {